Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Flycms Security Vulnerabilities

cve
cve

CVE-2020-19613

Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in sunkaifei FlyCMS version 20190503.

7.5CVSS

7.5AI Score

0.003EPSS

2021-04-01 07:15 PM
36
2
cve
cve

CVE-2020-36065

Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save.

8.8CVSS

8.7AI Score

0.001EPSS

2023-05-08 02:15 PM
9
cve
cve

CVE-2023-52072

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.

8.8CVSS

8.8AI Score

0.001EPSS

2024-01-08 10:15 PM
11
cve
cve

CVE-2023-52073

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte.

8.8CVSS

8.8AI Score

0.001EPSS

2024-01-08 10:15 PM
17
cve
cve

CVE-2023-52074

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte.

8.8CVSS

8.8AI Score

0.001EPSS

2024-01-08 10:15 PM
19
cve
cve

CVE-2024-21732

FlyCms through abbaa5a allows XSS via the permission management feature.

6.1CVSS

5.9AI Score

0.0005EPSS

2024-01-01 08:15 AM
21
cve
cve

CVE-2024-22548

FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.

5.4CVSS

5.2AI Score

0.0004EPSS

2024-01-18 03:15 PM
11
cve
cve

CVE-2024-22549

FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section.

5.4CVSS

5.3AI Score

0.0004EPSS

2024-01-18 03:15 PM
7
cve
cve

CVE-2024-22568

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 03:15 PM
7
cve
cve

CVE-2024-22591

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 03:15 PM
10
cve
cve

CVE-2024-22592

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 03:15 PM
5
cve
cve

CVE-2024-22593

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save

8.8CVSS

8.8AI Score

0.001EPSS

2024-01-18 03:15 PM
11
cve
cve

CVE-2024-22601

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 05:15 PM
11
cve
cve

CVE-2024-22603

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 05:15 PM
9
cve
cve

CVE-2024-22699

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save.

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 04:15 PM
11
cve
cve

CVE-2024-22817

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 05:15 PM
8
cve
cve

CVE-2024-22818

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 05:15 PM
7
cve
cve

CVE-2024-22819

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update.

8.8CVSS

8.7AI Score

0.001EPSS

2024-01-18 05:15 PM
6